AR084212A1 - METHOD, COMPUTER SYSTEM AND LEGIBLE STORAGE MEDIA BY COMPUTER TO PROVIDE SECURITY THROUGH OPERATION CODES - Google Patents
METHOD, COMPUTER SYSTEM AND LEGIBLE STORAGE MEDIA BY COMPUTER TO PROVIDE SECURITY THROUGH OPERATION CODESInfo
- Publication number
- AR084212A1 AR084212A1 ARP110104591A AR084212A1 AR 084212 A1 AR084212 A1 AR 084212A1 AR P110104591 A ARP110104591 A AR P110104591A AR 084212 A1 AR084212 A1 AR 084212A1
- Authority
- AR
- Argentina
- Prior art keywords
- code
- application
- computer
- application code
- operation codes
- Prior art date
Links
- 238000000034 method Methods 0.000 title abstract 5
- 238000006243 chemical reaction Methods 0.000 abstract 3
- 230000000694 effects Effects 0.000 abstract 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/51—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems at application loading time, e.g. accepting, rejecting, starting or inhibiting executable software based on integrity or source reliability
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/30—Arrangements for executing machine instructions, e.g. instruction decode
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
- G06F21/12—Protecting executable software
- G06F21/14—Protecting executable software against software analysis or reverse engineering, e.g. by obfuscation
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/78—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data
- G06F21/79—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data in semiconductor storage media, e.g. directly-addressable memories
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2125—Just-in-time application of countermeasures, e.g., on-the-fly decryption, just-in-time obfuscation or de-obfuscation
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Software Systems (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Physics & Mathematics (AREA)
- Multimedia (AREA)
- Technology Law (AREA)
- Devices For Executing Special Programs (AREA)
- Storage Device Security (AREA)
- Executing Machine-Instructions (AREA)
- Detection And Correction Of Errors (AREA)
Abstract
Se describe un sistema de obstrucción de códigos de operación que varía los valores de códigos de operación (opcodes) utilizados por el sistema operativo o por el código de aplicaciones mientras la aplicación es almacenada en memoria. El sistema coloca el código de aplicaciones a través de un proceso de conversión mientras se carga el código de aplicaciones, de modo tal que el código se asienta en memoria con un conjunto alterado de instrucciones. Si se inyecta al proceso código nuevo y potencialmente malintencionado, su conjunto de instrucciones no coincidirá con el del código de aplicación convertido. Cuando se aproxima el momento de ejecutar el código de aplicaciones, el sistema coloca a dicho código de aplicaciones a través de un proceso de conversión inversa que lo convierte nuevamente a los códigos de operación originales. Cualquier código malintencionado inyectado al proceso sobrellevará también la conversión inversa, que tendrá el efecto de hacer que el código malicioso sea detectable como inválido o erróneo.An operation code obstruction system is described which varies the operation code values (opcodes) used by the operating system or by the application code while the application is stored in memory. The system places the application code through a conversion process while the application code is loaded, so that the code sits in memory with an altered set of instructions. If new and potentially malicious code is injected into the process, its instruction set will not match that of the converted application code. When the time to execute the application code is approaching, the system places said application code through a reverse conversion process that converts it back to the original operation codes. Any malicious code injected into the process will also cope with the reverse conversion, which will have the effect of making the malicious code detectable as invalid or wrong.
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US12/972,433 US20120159193A1 (en) | 2010-12-18 | 2010-12-18 | Security through opcode randomization |
Publications (1)
Publication Number | Publication Date |
---|---|
AR084212A1 true AR084212A1 (en) | 2013-05-02 |
Family
ID=46236041
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
ARP110104591 AR084212A1 (en) | 2010-12-18 | 2011-12-07 | METHOD, COMPUTER SYSTEM AND LEGIBLE STORAGE MEDIA BY COMPUTER TO PROVIDE SECURITY THROUGH OPERATION CODES |
Country Status (8)
Country | Link |
---|---|
US (1) | US20120159193A1 (en) |
EP (1) | EP2652668A4 (en) |
JP (1) | JP2014503901A (en) |
KR (1) | KR20130132863A (en) |
CN (1) | CN102592082B (en) |
AR (1) | AR084212A1 (en) |
TW (1) | TW201227394A (en) |
WO (1) | WO2012082812A2 (en) |
Families Citing this family (45)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2012044576A (en) * | 2010-08-23 | 2012-03-01 | Sony Corp | Information processor, information processing method and program |
WO2012174128A1 (en) * | 2011-06-13 | 2012-12-20 | Paneve, Llc | General purpose digital data processor, systems and methods |
EP2901348A4 (en) * | 2012-09-28 | 2016-12-14 | Hewlett Packard Entpr Dev Lp | Application randomization |
WO2014072312A1 (en) | 2012-11-06 | 2014-05-15 | Nec Europe Ltd. | Method and system for executing applications in an untrusted environment |
US20140283038A1 (en) * | 2013-03-15 | 2014-09-18 | Shape Security Inc. | Safe Intelligent Content Modification |
US8869281B2 (en) | 2013-03-15 | 2014-10-21 | Shape Security, Inc. | Protecting against the introduction of alien content |
CN104077504B (en) * | 2013-03-25 | 2017-04-19 | 联想(北京)有限公司 | Method and device for encrypting application program |
US20150039864A1 (en) * | 2013-07-31 | 2015-02-05 | Ebay Inc. | Systems and methods for defeating malware with randomized opcode values |
US9213807B2 (en) * | 2013-09-04 | 2015-12-15 | Raytheon Cyber Products, Llc | Detection of code injection attacks |
US9292684B2 (en) | 2013-09-06 | 2016-03-22 | Michael Guidry | Systems and methods for security in computer systems |
GB2519115A (en) * | 2013-10-10 | 2015-04-15 | Ibm | Providing isolated entropy elements |
KR101536920B1 (en) * | 2013-12-16 | 2015-07-15 | 주식회사 에스이웍스 | Method of Obfuscating Files Based on Advanced RISC Machine Processor |
US8954583B1 (en) | 2014-01-20 | 2015-02-10 | Shape Security, Inc. | Intercepting and supervising calls to transformed operations and objects |
US8893294B1 (en) | 2014-01-21 | 2014-11-18 | Shape Security, Inc. | Flexible caching |
US9544329B2 (en) | 2014-03-18 | 2017-01-10 | Shape Security, Inc. | Client/server security by an intermediary executing instructions received from a server and rendering client application instructions |
US9659156B1 (en) * | 2014-03-20 | 2017-05-23 | Symantec Corporation | Systems and methods for protecting virtual machine program code |
US8997226B1 (en) | 2014-04-17 | 2015-03-31 | Shape Security, Inc. | Detection of client-side malware activity |
US9075990B1 (en) | 2014-07-01 | 2015-07-07 | Shape Security, Inc. | Reliable selection of security countermeasures |
US9825984B1 (en) | 2014-08-27 | 2017-11-21 | Shape Security, Inc. | Background analysis of web content |
US9825995B1 (en) | 2015-01-14 | 2017-11-21 | Shape Security, Inc. | Coordinated application of security policies |
US10049054B2 (en) * | 2015-04-01 | 2018-08-14 | Micron Technology, Inc. | Virtual register file |
US9813440B1 (en) | 2015-05-15 | 2017-11-07 | Shape Security, Inc. | Polymorphic treatment of annotated content |
US9807113B2 (en) | 2015-08-31 | 2017-10-31 | Shape Security, Inc. | Polymorphic obfuscation of executable code |
US9760736B2 (en) * | 2015-09-29 | 2017-09-12 | International Business Machines Corporation | CPU obfuscation for cloud applications |
US11170098B1 (en) * | 2015-11-10 | 2021-11-09 | Source Defense Ltd. | System, method, and medium for protecting a computer browser from third-party computer code interference |
FR3045858B1 (en) * | 2015-12-16 | 2018-02-02 | Oberthur Technologies | METHOD FOR LOADING A SEQUENCE OF INSTRUCTION CODES, METHOD FOR EXECUTING A SEQUENCE OF INSTRUCTION CODES, METHOD FOR IMPLEMENTING AN ELECTRONIC ENTITY, AND ASSOCIATED ELECTRONIC ENTITIES |
WO2017156158A1 (en) | 2016-03-09 | 2017-09-14 | Shape Security, Inc. | Applying bytecode obfuscation techniques to programs written in an interpreted language |
CN105868589B (en) * | 2016-03-30 | 2019-11-19 | 网易(杭州)网络有限公司 | A kind of script encryption method, script operation method and device |
US11349816B2 (en) | 2016-12-02 | 2022-05-31 | F5, Inc. | Obfuscating source code sent, from a server computer, to a browser on a client computer |
CN107315930A (en) * | 2017-07-07 | 2017-11-03 | 成都恒高科技有限公司 | A kind of method of protection Python programs |
US10824719B1 (en) * | 2017-08-01 | 2020-11-03 | Rodney E. Otts | Anti-malware computer systems and method |
US10489585B2 (en) | 2017-08-29 | 2019-11-26 | Red Hat, Inc. | Generation of a random value for a child process |
KR102416501B1 (en) | 2017-09-20 | 2022-07-05 | 삼성전자주식회사 | Electronic device and control method thereof |
US20190163642A1 (en) * | 2017-11-27 | 2019-05-30 | Intel Corporation | Management of the untranslated to translated code steering logic in a dynamic binary translation based processor |
KR102456579B1 (en) * | 2017-12-07 | 2022-10-20 | 삼성전자주식회사 | Computing apparatus and method thereof robust to encryption exploit |
US10810304B2 (en) * | 2018-04-16 | 2020-10-20 | International Business Machines Corporation | Injecting trap code in an execution path of a process executing a program to generate a trap address range to detect potential malicious code |
US11032251B2 (en) * | 2018-06-29 | 2021-06-08 | International Business Machines Corporation | AI-powered cyber data concealment and targeted mission execution |
US11809871B2 (en) * | 2018-09-17 | 2023-11-07 | Raytheon Company | Dynamic fragmented address space layout randomization |
US10884664B2 (en) * | 2019-03-14 | 2021-01-05 | Western Digital Technologies, Inc. | Executable memory cell |
US11741197B1 (en) | 2019-10-15 | 2023-08-29 | Shape Security, Inc. | Obfuscating programs using different instruction set architectures |
US11361070B1 (en) * | 2019-12-03 | 2022-06-14 | Ilya Rabinovich | Protecting devices from remote code execution attacks |
US11403392B2 (en) * | 2020-01-06 | 2022-08-02 | International Business Machines Corporation | Security handling during application code branching |
EP3907633B1 (en) * | 2020-05-05 | 2022-12-14 | Nxp B.V. | System and method for obfuscating opcode commands in a semiconductor device |
US20220197658A1 (en) * | 2020-12-21 | 2022-06-23 | Intel Corporation | Isa opcode parameterization and opcode space layout randomization |
US20230273990A1 (en) * | 2022-02-25 | 2023-08-31 | Shape Security, Inc. | Code modification for detecting abnormal activity |
Family Cites Families (14)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5825878A (en) * | 1996-09-20 | 1998-10-20 | Vlsi Technology, Inc. | Secure memory management unit for microprocessor |
US7171693B2 (en) * | 2000-05-12 | 2007-01-30 | Xtreamlok Pty Ltd | Information security method and system |
WO2002071231A1 (en) * | 2001-02-15 | 2002-09-12 | Nokia Corporation | Method and arrangement for protecting information |
US7383443B2 (en) * | 2002-06-27 | 2008-06-03 | Microsoft Corporation | System and method for obfuscating code using instruction replacement scheme |
US20040221021A1 (en) * | 2003-04-30 | 2004-11-04 | Domer Jason A. | High performance managed runtime environment application manager equipped to manage natively targeted applications |
US7500098B2 (en) * | 2004-03-19 | 2009-03-03 | Nokia Corporation | Secure mode controlled memory |
JP2007535067A (en) * | 2004-04-29 | 2007-11-29 | コーニンクレッカ フィリップス エレクトロニクス エヌ ヴィ | Intrusion detection during program execution on a computer |
US20070016799A1 (en) * | 2005-07-14 | 2007-01-18 | Nokia Corporation | DRAM to mass memory interface with security processor |
US7620987B2 (en) * | 2005-08-12 | 2009-11-17 | Microsoft Corporation | Obfuscating computer code to prevent an attack |
US20070074046A1 (en) * | 2005-09-23 | 2007-03-29 | Czajkowski David R | Secure microprocessor and method |
US8108689B2 (en) * | 2005-10-28 | 2012-01-31 | Panasonic Corporation | Obfuscation evaluation method and obfuscation method |
US8041958B2 (en) * | 2006-02-14 | 2011-10-18 | Lenovo (Singapore) Pte. Ltd. | Method for preventing malicious software from execution within a computer system |
US20080127142A1 (en) * | 2006-11-28 | 2008-05-29 | Microsoft Corporation | Compiling executable code into a less-trusted address space |
US8434059B2 (en) * | 2009-05-01 | 2013-04-30 | Apple Inc. | Systems, methods, and computer-readable media for fertilizing machine-executable code |
-
2010
- 2010-12-18 US US12/972,433 patent/US20120159193A1/en not_active Abandoned
-
2011
- 2011-11-10 TW TW100141079A patent/TW201227394A/en unknown
- 2011-12-07 AR ARP110104591 patent/AR084212A1/en unknown
- 2011-12-14 WO PCT/US2011/064755 patent/WO2012082812A2/en active Application Filing
- 2011-12-14 EP EP11848568.9A patent/EP2652668A4/en not_active Withdrawn
- 2011-12-14 KR KR20137015750A patent/KR20130132863A/en not_active Application Discontinuation
- 2011-12-14 JP JP2013544716A patent/JP2014503901A/en active Pending
- 2011-12-16 CN CN201110443529.7A patent/CN102592082B/en not_active Expired - Fee Related
Also Published As
Publication number | Publication date |
---|---|
CN102592082B (en) | 2015-07-22 |
EP2652668A2 (en) | 2013-10-23 |
WO2012082812A3 (en) | 2012-08-16 |
US20120159193A1 (en) | 2012-06-21 |
CN102592082A (en) | 2012-07-18 |
JP2014503901A (en) | 2014-02-13 |
TW201227394A (en) | 2012-07-01 |
KR20130132863A (en) | 2013-12-05 |
WO2012082812A2 (en) | 2012-06-21 |
EP2652668A4 (en) | 2015-06-24 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
AR084212A1 (en) | METHOD, COMPUTER SYSTEM AND LEGIBLE STORAGE MEDIA BY COMPUTER TO PROVIDE SECURITY THROUGH OPERATION CODES | |
BR112013019245A2 (en) | method and apparatus for locking and unlocking multiple operating system environments with a single gesture input | |
WO2012094107A3 (en) | Performing social networking functions using matrix codes | |
AR094474A1 (en) | USER INTERFACE, METHOD AND LEGIBLE STORAGE MEDIA BY COMPUTER TO PROVIDE A CONTEXTUAL PREDICTIVE TOOL BAR FOR PRODUCTIVITY APPLICATIONS | |
BR112014018088A2 (en) | SYSTEM FOR MANAGING, IDENTIFYING OR TRACKING MOBILE OBJECTS THAT ARE USED FOR A TEMPORARY PERIOD OF TIME BY AT LEAST ONE USER, METHOD FOR MANAGEMENT, IDENTIFICATION OR TRACKING OF MOBILE OBJECTS THAT ARE USED FOR A TEMPORARY PERIOD OF TIME BY USERS AND SYSTEM FOR MANAGEMENT, IDENTIFICATION OR TRACKING OF MOBILE OBJECTS THAT ARE USED FOR A TEMPORARY PERIOD OF TIME BY USERS | |
AR072357A1 (en) | METHOD FOR CONDITIONING A MIXED LIQUOR CONTAINING NON-IONIC POLYACARIDS AND / OR NON-IONIC ORGANIC MOLECULES | |
AR093176A1 (en) | SYSTEM AND METHOD FOR INJECTING REAL-TIME PROGRAMMING CODE IN A PRINTING DEVICE | |
BR112014016607A2 (en) | geospatial location information center for criminals released | |
BRPI0917005A2 (en) | method, system, and machine-readable storage medium encoded with computer program code | |
TW201714084A (en) | Register error protection through binary translation | |
CR20120575A (en) | A PARKING CONTROL SYSTEM THROUGH A THIRD PARTY SYSTEM | |
Pacciani | Optical, X-, Gamma-ray flare of the FSRQ PKS 1441+ 25 | |
BR112016028525A2 (en) | mobile device, network component, method for operating mobile device and method for operating a network component | |
Jankowsky et al. | Detection of renewed optical activity from the gamma-ray source PKS 1510-089 with ATOM | |
Tomsick et al. | Renewed low-level X-ray and radio activity from Swift J1910. 2-0546 | |
Godet et al. | The Swift-XRT catches a possible rebrightening of the best intermediate mass black hole candidate, ESO 243-49 HLX-1 | |
AR077017A1 (en) | PHYSICAL SAMPLE OF A PRODUCT THAT HAS AT LEAST A PRODUCT SAMPLE CODE. | |
Ciprini et al. | Fermi LAT detection of renewed GeV activity from blazar 3C 279 | |
Kotowich | Non-thermal atmospheric pressure plasma source techniques on 3, 7-bis (dimethylamino)-phenothiazin-5-ium chloride | |
Heinz et al. | The interaction of microquasar jets with the companion wind | |
Lipunov et al. | BZQJ2331-2148, waked up on 502272781 Fermi trigger, returned to its quiet state | |
Walton | Searching for Reflection in PG1302-102, a Candidate Sub-pc Scale SMBH Binary | |
Meyer | The surprising nature of quasar jets as revealed by Fermi | |
Emig | Counterparts of IceCube High Energy Neutrinos | |
Becerra et al. | Fermi LAT Detection of a New Gamma-ray Source PKS 0131-522 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
FB | Suspension of granting procedure |